EASM mistakes waiting to happen
JR0ch17
January 25, 2022
Transcript
EASM mistakes waiting to happen
GET /whoami HTTP/2
Jasmin Landry
JR0ch17
Lead, IT & Security at
Montreal Canadiens fan

GET /agenda HTTP/2
EASM
Common mistakes
Hacker perspective

GET /EASM HTTP/2
What exactly is EASM?
What does it cover?
Why is it important?

GET /common_mistakes HTTP/2
Lack of Change Management
Not respecting Least Privilege
Misconfigured WAFs
Cloud misconfigs (S3 buckets)

GET /hacker_perspective HTTP/2
Recon EVERYTHING
• Subdomains
• IPs
• TLS certificates
• Third-party apps
Continuous Monitoring
• Monitor for new assets
• Monitor any change

GET /thanks HTTP/2
Thank you for listening
Questions?
More questions? DMs are open on and